Using on-device encryption, mobile device management and support for enterprise grade VPNs, Samsung is hoping to move Galaxy from consumer to business users and in the process challenge RIM's dominance in secure enterprise mobile communication.
Samsung SAFE (Samsung Approved for Enterprise) reverses the consumerization of IT trend by transforming the mobile device maker's smartphone handsets into devices that are secure enough for enterprise use.
Today Samsung will likely have an uphill battle in organizations that are satisfied with Research In Motion's BlackBerry Mobile Fusion, which can secure Apples iPhone iOS and Android devices along with BlackBerry phones and the PlayBook tablet. However, the pressure to accept a diversity of end-user devices is increasing. In this light, Samsung SAFE devices have all the hallmarks of an enterprise-ready device that IT managers should put on their strategic plan for supporting mobile users who require secure communication on a Samsung handset.
I used a Samsung Galaxy S III smartphone along with third-party mobile-device management (MDM) and VPN technology as well as Samsungs on-device 256-bit Advanced Encryption Standard (AES) encryption capabilities to see how SAFE works.
The first thing to take note of is that Samsung SAFE is a security designation that the handset maker uses to specify that some of its handsets are ready for use with third-party security products. Today, this means that handsets are designed to work with MDM systems from AirWatch, Juniper Networks, MobileIron and SAPs Afaria. Samsung is working with Cisco, F5 and Juniper for VPN support, and Microsoft Exchange ActiveSync for corporate email, calendar and contact information. All these third-party tools are wrapped up with on-device AES 256-bit encryption of both the phone and any removable Secure Digital (SD) card memory.
All in all, my work with Samsung SAFE shows that IT managers will benefit from starting pilots today to see how the approved for enterprise capabilities of Samsung devices will fit in with future mobile communication plans to support user choice.
The first thing I tested will also likely be the biggest stumbling block for Samsung SAFE: device encryption. Of course, its a great idea to encrypt the contents of the phone and any removable media in the phone. And nothing is more counterintuitive to the user experience of picking up a smartphone and getting right to work. Tight security based on strong passwords is a pain no matter which mobile handset maker is implementing it.
For example, I encrypted my test phone, a Samsung Galaxy S III running Android 4.0.4 (Ice Cream Sandwich). As a result, I needed to enter a strong password when I turned on the phone from an unpowered state in order to gain access to the SD card (not a very frequent action) and also every time the screen was turned on using the power button (very frequent.) Entering this password was fine during testing, but I wouldnt want to do it in the course of a workday.
Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at email@example.com.